Department Overview:

RISK Group Data Protection (GDP) is part of the RISK Department within BNP Paribas. It is a part of the 2nd line of defence under the Bank’s Group Data Protection Officer. It supports the BNP Paribas Group network of Data Protection Officers and specialists across the Group and its entities. The department has responsibility for identification of key Data Protection risks to the Bank and influencing business and technology partners to take sound risk management decisions. This is achieved through the below competency areas: 

• Privacy Risk and Operations - Manages the RISK Data Protection ecosystem including the privacy framework and regulation, the technical infrastructure, and tools to support privacy operations, and the resources that operate the framework Groupwide. 
• Advisory – Supporting Data Protection initiatives and projects across the Group with risk opinion on Data Protection Topics. Promote the risk-based approach and leverage DPIA practices to facilitate risk reduction and enable Group Data Protection readiness.
• Privacy Tech & Third Parties – Lead and support advisory on implementation of IT and third-party management controls necessary to comply with Data Protection requirements and regulations including Privacy by Design, security and organisational measures, Cyber Security training, Subject Matter Expert (SME) support and tech innovation.

Job Purpose:

Overview

The holder of this job is an expert on Privacy Risk, and Data Protection practices and legal requirements, who can apply knowledge and judgment to interpret internal or external business issues. 

Integrated in the Global RISK ORM Iberian Centre of Excellence, the role is key to the delivery of DPO Services. These can be delivered remotely anywhere in the world, therefore flexibility on working hours is required: 

• Provides Subject Matter Expertise on Data Protection practices and legal requirements to DPOs and global initiatives / local projects/ emerging privacy topics. 
• Delivers DPO as-a-service activities creating resilience to the services provided by the DPO network across the Group territories and business lines.
• Identifies and monitors Privacy and Data Protection risks and the evolving regulatory frameworks.
• Timely escalates any issues foreseen.

Your Main Activities Are

Main tasks to perform include, but are not limited to:

• Supports the GDP, in particular the delivery of DPO Services, acting as highly specialised Data Protection SME as needed. 
• Perform statutory DPO tasks equivalent to those described in Art. 39 GDPR
• Support and advise the business, functions and operational departments (1st line of defense) on implementation of Group Policies and guidelines on Personal Data Protection and monitor consistency in their implementation
• Advise business stakeholders and engage with other departments (e.g. Legal, Compliance, CDO, IT) on projects (privacy-by-design and –by-default, privacy impact assessments) 
• Identify and address remediation actions to tackle gaps and weaknesses in the DP Framework
• Assessment of data breaches and incidents
• Oversee the compliance to Data Subject Rights obligations (identification, responses to Data Subjects, follow-up)
• Conduct training and awareness sessions to embed the DP principles and requirements

In addition:

Profile and Skills to Success

• Solid expertise in Privacy and Data Protection, ideally with a good understanding of Info Security 
• Familiar with the relevant external regulations and legislation.
• Good working knowledge of professional standards and protocol, and able to apply them to the Business to develop and improve BNPP processes and practices. 
• Excellent communication and influencing skills. 

Essential

• Expert on Data Protection law and practices (Legal, Technical and Operational).
• Strong understanding of regulatory environments pertaining to GDPR and other Data Protection regulations
• Fluency in English.
• 5+ years’ experience on Privacy and Data Protection.

Preferred

• Legal, Management or Engineering Degree. Postgraduate qualifications preferred
• CIPP/E certified or equivalent 
• Command of Spanish and/or Portuguese (preferred)
• Experience working as part of a geographically dispersed team

Personal Skills and Behaviours

• Ability to analyse complex legal, technical and business issues
• Strong communication skills 
• Ability to collaborate across business lines and geographies.
• Solution oriented: identifies quick wins and solutions.
• Ability to work in a multi-cultural, multi-lingual environment adapting ways of working as required

#LI-Hybrid 

Why joining BNP Paribas? 

· Leading banking institution

BNP Paribas is the European Union’s leading bank, and key player in international banking. It operates in 63 countries and has nearly 183.000 employees, including more than 146.000 in Europe.

· Our presence in Portugal

In Portugal since 1985, BNP Paribas today has more than 8.700 employees, distributed across the Group's 10 business entities established in the country. Its presence also extends to 11 excellence centres providing value-added services to various countries where the BNP Paribas Group also operates.

· International reach

Thanks to its international presence and regular and close collaboration among its different entities, BNP Paribas has the resources to support all clients with financing, investment, savings and protection solutions that help make their projects a success. BNP Paribas holds key positions in its three core operating divisions: 

• Retail Banking, a division that brings together all of the Group’s retail activities and specialised business lines; 
• Investment & Protection Services that include specialised businesses offering a wide range of savings, investment and protection services; 
• Corporate & Institutional Banking division that offers tailored financial solutions for corporate and institutional clients.

· Diversity and Inclusion commitment

BNP Paribas is an equal opportunity employer and proud to provide equal employment opportunity to all job seekers. We are actively committed to ensuring that no individual is discriminated against on the grounds of age, disability, gender reassignment, marriage or civil partnership status, pregnancy and maternity/paternity, race, religion or belief, sex or sexual orientation. Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency, which in turn increase performance and productivity. We strive to reflect the society we live in, while keeping with the image of our clients.

· Commitment towards work/life balance

At BNP Paribas we care about our employees wellbeing and promote a culture of good integration between work and rest. We believe our employees have rich personal lives outside of work, being fundamental to be disconnected from work to recharge both physically and mentally. Only through this balance we may all be at our best while working.

· Remote Working Conditions

At BNP Paribas, we embrace a Smart Working framework based on trust, autonomy and collaboration. Within this framework, eligible employees can benefit from flexible remote working modalities adapted to our hybrid working environment. To guarantee a comfortable and efficient working set-up, eligible employees are provided with both the office and home equipment, are entitled to an equipment allowance and can benefit from exclusive partnerships to purchase additional equipment at reduced prices. 

To find out more on why you should join BNP Paribas visit https://bnpp.lk/why-BNP-Paribas-Portugal

* Please note that only applications submitted in English will be considered. 

* In case you are selected for this role, further documentation will be requested to support your hiring process.